mirror of
				https://github.com/spantaleev/matrix-docker-ansible-deploy.git
				synced 2025-10-26 01:53:24 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			69 lines
		
	
	
		
			3.9 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			69 lines
		
	
	
		
			3.9 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
| ---
 | |
| 
 | |
| # This requires the dnspython library which is usually unavailable.
 | |
| - name: Check DNS SRV record for {{ dns_srv_record_check.service_and_protocol }} on {{ dns_srv_record_check.domain }} using Ansible dig lookup
 | |
|   set_fact:
 | |
|     lookup_dig_srv: "{{ lookup('dig', (dns_srv_record_check.service_and_protocol + '.' + dns_srv_record_check.domain + '/SRV'), 'flat=0', wantlist=False) }}"
 | |
|   register: result_lookup_dig_srv
 | |
|   ignore_errors: true
 | |
| 
 | |
| - name: Fail if DNS SRV check via Ansible dig lookup failed for non-dependency reason
 | |
|   fail:
 | |
|     msg: "DNS SRV record check via Ansible dig lookup plugin (which uses the dnspython package) failed. Error is: {{ result_lookup_dig_srv.msg }}"
 | |
|   when: "result_lookup_dig_srv.failed and 'dnspython' not in result_lookup_dig_srv.msg"
 | |
| 
 | |
| # Fallback to using the dig CLI tool if dnspython was unavailable.
 | |
| - name: Check DNS SRV record for {{ dns_srv_record_check.service_and_protocol }} on {{ dns_srv_record_check.domain }} using dig CLI tool
 | |
|   shell:
 | |
|     cmd: "dig -t srv {{ (dns_srv_record_check.service_and_protocol + '.' + dns_srv_record_check.domain)|quote }}"
 | |
|   register: result_cli_dig_srv
 | |
|   changed_when: false
 | |
|   ignore_errors: true
 | |
|   when: "lookup_dig_srv is not defined"
 | |
| 
 | |
| - name: Fail if dig CLI used and failed
 | |
|   fail:
 | |
|     msg: >-
 | |
|       Failed performing DNS SRV record check.
 | |
|       You neither have the `dnspython` Python package, nor the `dig` program installed locally.
 | |
|       You need to install one of those, so we could perform a DNS SRV record check.
 | |
|       Full error from trying to run `dig`: {{ result_cli_dig_srv }}
 | |
|   when: "lookup_dig_srv is not defined and result_cli_dig_srv.stderr != ''"
 | |
| 
 | |
| # Some DNS servers may respond with '' (stands for "No Answer").
 | |
| # Most usually, a missing record would yield a 'NXDOMAIN' response.
 | |
| # In any case, we consider any non-mapping response to mean "missing record".
 | |
| - name: Fail if DNS SRV record missing (Ansible dig lookup)
 | |
|   fail:
 | |
|     msg: >-
 | |
|       It appears the DNS SRV record for {{ dns_srv_record_check.service_and_protocol }} on {{ dns_srv_record_check.domain }} is not set up correctly (the record is missing).
 | |
|       See the 'Configuring DNS' documentation for this playbook.
 | |
|   when: "lookup_dig_srv is defined and lookup_dig_srv is not mapping"
 | |
| 
 | |
| - name: Fail if DNS SRV record incorrect (Ansible dig lookup)
 | |
|   fail:
 | |
|     msg: >-
 | |
|       It appears the DNS SRV record for {{ dns_srv_record_check.service_and_protocol }} on {{ dns_srv_record_check.domain }} is not set up correctly.
 | |
|       Expected it to point to `{{ dns_srv_record_check.expected_target }}` (port {{ dns_srv_record_check.expected_port }}).
 | |
|       Found it pointing to `{{ lookup_dig_srv.target }}` (port {{ lookup_dig_srv.port }}).
 | |
|       See the 'Configuring DNS' documentation for this playbook.
 | |
|   when: "lookup_dig_srv is defined and (lookup_dig_srv.target != dns_srv_record_check.expected_target or lookup_dig_srv.port != dns_srv_record_check.expected_port)"
 | |
| 
 | |
| # We expect an answer like this:
 | |
| # ;; ANSWER SECTION:
 | |
| # _matrix._tcp.DOMAIN. 10800	IN	SRV	10 0 8448 matrix.DOMAIN.
 | |
| - name: Fail if DNS SRV record missing or incorrect (dig CLI tool)
 | |
|   fail:
 | |
|     msg: >-
 | |
|       It appears the DNS SRV record for {{ dns_srv_record_check.service_and_protocol }} on {{ dns_srv_record_check.domain }} is not set up correctly.
 | |
|       Expected it to point to `{{ dns_srv_record_check.expected_target }}` (port {{ dns_srv_record_check.expected_port }}).
 | |
|       See the 'Configuring DNS' documentation for this playbook.
 | |
|       Full response from the `dig` lookup was: {{ result_cli_dig_srv }}
 | |
|   when: "lookup_dig_srv is not defined and (dns_srv_record_check.expected_port|string + ' ' + dns_srv_record_check.expected_target) not in result_cli_dig_srv.stdout"
 | |
| 
 | |
| - name: Report correct DNS SRV record
 | |
|   debug:
 | |
|     msg: >-
 | |
|       The DNS SRV record for `{{ dns_srv_record_check.service_and_protocol }}` on `{{ dns_srv_record_check.domain }}`
 | |
|       points to `{{ dns_srv_record_check.expected_target }}` (port {{ dns_srv_record_check.expected_port }}), as expected.
 |